The present invention relates generally to electronic mail (“e-mail”), and more specifically, to a method and system for identifying unsolicited e-mail messages utilizing checksums.
Unsolicited bulk e-mail, commonly referred to as “SPAM”, is increasingly becoming a nuisance to computer users. SPAM e-mail is generally defined as an unsolicited mailing, usually to a large number of people. SPAM can be very annoying to the recipient because it interrupts other activities, consumes system resources, and requires active efforts by recipients who want to dispose of these unwanted messages.
SPAM is also an increasing problem for Internet Service Providers (ISPs) and entities with easily identifiable e-mail addresses such as large corporations. ISPs object to junk mail because it reduces their users' satisfaction of the services. Corporations want to eliminate junk mail because it reduces worker productivity. SPAM impacts organizations by occupying employees' time and increasing security risks. Time is spent by employees to open each message, classify it as legitimate or junk e-mail, and delete the message. Time may also be spent by employees following up on advertising content while on the job. Employees may also be deceived into acting improperly, such as to release confidential information, due to a forged message. There is also a loss of the network administrator's time in dealing with SPAM and forged messages, as well as the use of network bandwidth, disk space, and system memory required to store the messages. Also, in the process of deleting junk mail, users may inadvertently discard or overlook other important messages. Another objection to SPAM is that it is frequently used to advertise objectionable, fraudulent, or dangerous content, such as pornography or to propagate financial scams such as illegal pyramid schemes.
SPAM such as chain letters or Hoax e-mails often cause network problems such as Denial of Service (DoS) to the mail server or gateway. Furthermore, after a user repeatedly becomes alarmed by these messages, only to learn that there was no real virus, the user may get into the habit of ignoring all virus warning messages. This leaves computer users especially vulnerable to the next real and truly destructive virus.
Conventional systems used to detect SPAM typically search for key phrases in the subject header to determine whether the recipient is actually on the list of users to receive e-mail. The person or organization that generates the junk mail (referred to as a “spammer”) often gets around filtering methods by using a different e-mail address for each mailing or forwarding his e-mail by way of an intermediary to conceal the actual origin. Instead of mailing directly from an easily traced account at a major Internet service provider, spammers may, for instance, sent their e-mail from a SPAM-friendly network, using forged headers, and relay the message through intermediate hosts.